The growth of the Internet of Things (IoT) is expected to result in a drastic increase in the amount of data available to describe the world. Some examples of data generated by IoT devices may include sensor data collected from IoT devices, videos and/or images collected from video monitoring systems, and other monitoring and/or performance data collected from data centers (DCs), mobile networks, and/or mobile terminals. As the amount of data increases, users will seek to preserve and/or protect the data. Thus, a security architecture employed to access such data should allow a mechanism which securely accesses and/or “wakes up” a device at any time for security measures.
Third generation partnership project (3GPP) technical specification (TS) 33.401 V 12.5.1 published on October 2012, which is incorporated by reference, provides further details regarding message flows/sequences utilized by the various procedures described herein. Additionally, “SE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks” by Chengzhe Lai, et al., which discusses group authentication in long term evolution (LTE) networks and locally authenticating a group of machine type communication (MTC) via a Mobility Management Entity (MME) to avoid round trips for each MTC device between the MME and a Home Subscriber Server (HSS), is incorporated by reference.
The changes throughout IoT are anticipated to be one of the fifth generation (5G) technologies that require an architectural security solution. An IoT MTC device usually has the following criteria: (1) the device is fixed and does not need to support mobility (i.e., such a device more than likely accesses a cellular network over a same point of access over time); (2) the amount of data communication by the device is very small; (3) the frequency of communication by the device to the network is limited (for example once or twice a month); (4) device functionality may be very limited and thus the operating system is limited in scope and functionality to reduce the exposure to attack at the device itself; (5) the device has low power and operates with a very small power supply that needs to last for the lifetime of the IoT device; and (6) the device accesses the network over differing deployment models, for example, direct access over the cellular access network or access through a local IoT gateway.